I don't think you need anti-virus with Vista

[Steve Thackery]

I've created a new thread for this because it is seriously off-topic for the
original thread (see "Vista Key.." below).
I've been running Vista Home Premium since 31st January, WITHOUT any
anti-virus software at all, and in fact no other security software
whatsoever apart from what comes "in the box". It is powered up all the
time and permanently connected to the Internet via a router.

It has remained absolutely clean as a whistle. No malware whatsoever.
<<

Alias responded with a very reasonable question:

How would you know? There are millions of computers controlled by bot
nets without the computer owner's knowledge. Root kits and spyware don't
exactly pop up and say, "hey look at me".

And some rather less eloquent person called john declared:

what a load...

Here's how I know: because last week I tried two separate
"we'll-scan-your-PC" services offered by well known anti-virus vendors, who
are hoping to scare you into buying their products. Did it a couple of
times in previous months, too. Also I've got a NOD32 licence (which I don't
use) but I installed it temporarily to see what it said.

So, then, that's three separate scans from three separate vendors, and not a
single peep.

I've also got PC Tools antispyware (again which I don't use), but installed
it temporarily. Again, clean as a whistle. Nothing from Vista's built-in
anti-malware thing either.

Let me ask you something, John and Alias, and you've got to answer
truthfully: when was the last time your anti-virus / security software
popped up and warned you that there was an infection in your machine (or it
had just stopped an infection)?

I'll tell you my answer: I honestly can't remember. I've been using PCs
since well before Windows existed and in truth I've got a vague memory from
(literally) years ago that I once saw a warning, but it is very vague and
maybe it was from one of the test files you can get.

Having bought a second computer two years ago, I decided to experiment by
leaving it connected full time to the Internet with NO protection whatsoever
(I kept using NOD32 on my main machine). For the first year it ran XP SP2,
for the second year it ran Vista Home Premium. I scanned it three times in
the first year, and I've scanned it three times this year, and in EVERY
instance it was completely clean.

Avoiding malware is easy. Here is my three-step guide...

1/ Always connect to the Internet via a router with NAT and a built-in
firewall (i.e. all modern routers), NOT a USB modem.

2/ Use an ISP that offers virus and malware scanning on incoming emails
(they all do, these days).

3/ Use a modicum of common sense when downloading files and programs, and in
particular make sure they come from a reputable source.

4/ And in Vista, do NOT disable UAC (because it disables IE7's protected
mode): instead, make your account an administrator and then set UAC so it
does not require your password, just a click (this does not reduce your
protection significantly, and makes UAC perfectly bearable). Leave the
other security settings at their default.

Yes, I know that's four steps, rather than three, but the final step only
applies to Vista.

With this experience, I'm more convinced than ever that security products
over and above what comes with Vista "in the box" are, for me, completely
unnecessary and a waste of money.

Is anyone else brave enough to reject the current paranoid paradigm?

SteveT.

 

[Andre Da Costa[ActiveWin]]

Trust me, you need Antivirus for Windows Vista, I am running Vista x64 and I
was surprised when I did a scan with Norton AV Corporate Edition 10.2 it
fold several Trojan horses and viruses under C:/Windows which successfully
cleaned and deleted. But regardless of all the security technologies that
come built into the OS, hackers are constantly attacking the platform and
finding new ways to infiltrate the system. That is why you have Antivirus to
stay one step ahead.

 

[Paul Smith]

With this experience, I'm more convinced than ever that security products
over and above what comes with Vista "in the box" are, for me, completely
unnecessary and a waste of money.

Is anyone else brave enough to reject the current paranoid paradigm?

I haven't got around to installing any AV on my Windows Vista machines, the
machines are all locked down and only I can install things. Most infections
come about my a user executing the virus to start with.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.dasmirnov.net/blog/
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*

 

[bomb#20]

I've created a new thread for this because it is seriously off-topic
for the original thread (see "Vista Key.." below).

I've been running Vista Home Premium since 31st January, WITHOUT any
anti-virus software at all, and in fact no other security software
whatsoever apart from what comes "in the box". It is powered up all
the time and permanently connected to the Internet via a router.

It has remained absolutely clean as a whistle. No malware whatsoever.
<<

Alias responded with a very reasonable question:


And some rather less eloquent person called john declared:


Here's how I know: because last week I tried two separate
"we'll-scan-your-PC" services offered by well known anti-virus
vendors, who are hoping to scare you into buying their products. Did
it a couple of times in previous months, too. Also I've got a NOD32
licence (which I don't use) but I installed it temporarily to see
what it said.
So, then, that's three separate scans from three separate vendors,
and not a single peep.

I've also got PC Tools antispyware (again which I don't use), but
installed it temporarily. Again, clean as a whistle. Nothing from
Vista's built-in anti-malware thing either.

Let me ask you something, John and Alias, and you've got to answer
truthfully: when was the last time your anti-virus / security software
popped up and warned you that there was an infection in your machine
(or it had just stopped an infection)?

I'll tell you my answer: I honestly can't remember. I've been using
PCs since well before Windows existed and in truth I've got a vague
memory from (literally) years ago that I once saw a warning, but it
is very vague and maybe it was from one of the test files you can get.

Having bought a second computer two years ago, I decided to
experiment by leaving it connected full time to the Internet with NO
protection whatsoever (I kept using NOD32 on my main machine). For
the first year it ran XP SP2, for the second year it ran Vista Home
Premium. I scanned it three times in the first year, and I've
scanned it three times this year, and in EVERY instance it was
completely clean.
Avoiding malware is easy. Here is my three-step guide...

1/ Always connect to the Internet via a router with NAT and a built-in
firewall (i.e. all modern routers), NOT a USB modem.

2/ Use an ISP that offers virus and malware scanning on incoming
emails (they all do, these days).

3/ Use a modicum of common sense when downloading files and programs,
and in particular make sure they come from a reputable source.

4/ And in Vista, do NOT disable UAC (because it disables IE7's
protected mode): instead, make your account an administrator and then
set UAC so it does not require your password, just a click (this does
not reduce your protection significantly, and makes UAC perfectly
bearable). Leave the other security settings at their default.

Yes, I know that's four steps, rather than three, but the final step
only applies to Vista.

With this experience, I'm more convinced than ever that security
products over and above what comes with Vista "in the box" are, for
me, completely unnecessary and a waste of money.

Is anyone else brave enough to reject the current paranoid paradigm?

SteveT.

I agree with all of that. And not just Vista, but XP too.
I have a modem/router and use CCleaner and that's it.
A couple of years ago I tried Norton , on XP, but it slowed everything up so I ditched it.
Tried a couple of other antivirus programs but they found/reported nothing apart
from cookies so didn't bother in the end.
The last virus I got was with XP (before SP1), can't remember the name of it.
If you can run stuff like Autoruns and Erunt you don't need to get bogged down
with antivirus programs crippling you.
..

 

[Zonky]

Avoiding malware is easy. Here is my three-step guide...

Which avoids that many viruses pass machine to machine via LOCAL network
shares.

Of course, this may not apply in your situation, if you're a single
user/machine behind your firewall/router, but there appears to be a (naive)
assumption that what is local is safe.

 

[Andy C.(never #)]

SNIP

I agree that with a machine behind a firewall, you are much safer than
someone who is attached directly to the internet, but there are lots
of ways to get things onto your pc and you don't even have to click on
anything to have it happen.

You are right that AV software is reactive so it is always behind the
curve, but it still serves a purpose. And at $30-35 a year, it is well
worth the cost if it saves your $1000 pc just once from being
clobbered by some virus or trojan.

You're also correct in saying that most people are to blame for
getting malware on their machines, but that's just a fact of life.
I've been using pcs for about 25 years and I can still hit one key
when I meant to hit another. People are not perfect and never will be.

When was the last time I personally saw a machine that was infected
with a virus? Today. So, while you're experience is no less valid, it
isn't typical.

Don't mean to be argumentative, so I apologize if that's the way I
sound.

Later,

Andy C.(never #)

 

[bomb#20]

Andy C.(never #) wrote:

When was the last time I personally saw a machine that was infected
with a virus? Today. So, while you're experience is no less valid, it
isn't typical.

Just out of interest, could you tell us the name of the virus and the name of the
antivirus program that flagged it ?
Thanks.
..

 

[john]

Trust me, you need Antivirus for Windows Vista, I am running Vista x64 and
I was surprised when I did a scan with Norton AV Corporate Edition 10.2 it
fold several Trojan horses and viruses under C:/Windows which successfully
cleaned and deleted. But regardless of all the security technologies that
come built into the OS, hackers are constantly attacking the platform and
finding new ways to infiltrate the system. That is why you have Antivirus
to stay one step ahead.
--

this all reminds me of this bit from last year:

Allchin Suggests Vista Won't Need Antivirus
By Scott M. Fulton, III, BetaNews
November 9, 2006, 4:26 PM
During a telephone conference with reporters yesterday, outgoing Microsoft
co-president Jim Allchin, while touting the new security features of Windows
Vista, which was released to manufacturing yesterday, told a reporter that
the system's new lockdown features are so capable and thorough that he was
comfortable with his own seven-year-old son using Vista without antivirus
software installed.

On the other hand, he also said this:

"I'm not sure how the company lost sight of what matters to our customers,
both business and home, the most, but in my view we lost our way. I think
our teams lost sight of what bug-free means, what resilience means, what
full scenarios mean, what security means, what performance means, how
important current applications are, and really understanding what the most
important problems our customers face are"
- Jim Allchin, former Platform Products and Services Group, Microsoft.

and this:

"I would buy a Mac today if I was not working at Microsoft."
- Jim Allchin, former Platform Products and Services Group, Microsoft.

 

[Andre Da Costa[ActiveWin]]

That was taken out of context and I believe he made him self much clearer by
insisting that Antivirus is still recommended. What he was trying to really
say was the new feature in Vista - ALSR (Address space layout randomization)
would make it more difficult to easily compromise the operating system
because it involves arranging the positions of key data areas.

 

[Steve Thackery]

Trust me, you need Antivirus for Windows Vista...

Trust me, I don't. I've run for two years (the first year XP SP2),
continuously connected to the Internet via a router, and last week I scanned
with three different virus scanners.

Zip.

SteveT

 

[HeyBub]

I've created a new thread for this because it is seriously off-topic
for the original thread (see "Vista Key.." below).

I've been running Vista Home Premium since 31st January, WITHOUT any
anti-virus software at all, and in fact no other security software
whatsoever apart from what comes "in the box". It is powered up all
the time and permanently connected to the Internet via a router.

That can happen. It can also happen, as evidenced by repair shops and
requests here, that a machine may have more virus code than the operating
system.

It depends.

On what sites you visit, what you download, whether you have kids that are
easily tempted, whether you're on a network with foolish users, and so on.

 

[Steve Thackery]

It depends.

On what sites you visit, what you download, whether you have kids that are
easily tempted, whether you're on a network with foolish users, and so on.

Indeed it does. Viruses and malware are easy to avoid if you are a
reasonably savvy user. If I had kids using my computer, I would most likely
adopt a different policy.

SteveT

 

[NoStop]

Indeed it does. Viruses and malware are easy to avoid if you are a
reasonably savvy user. If I had kids using my computer, I would most
likely adopt a different policy.

SteveT

Steve, Could you please explain what you mean by a "reasonably savvy user"?
How savvy would a user have to be to avoid a drive-by virus attack? Let's
assume that a user didn't have an anti-virus software program installed but
was relying on Microsoft's patches to protect ones computer. Those patches
are updated monthly and will not necessarily plug all holes that might
exist to defeat such an attack.

Here's an interesting little experiment. Yes, it's being run on XP, but it
does compare IE6, IE7 and Firefox 2 in terms of protecting against a
drive-by ...

Notice that his computer is ONLY protected by AV software when he's using
IE. Whether Vista would give him the same protection without AV software
running, I don't know?

Cheers.

--
Remove Vista Activation Completely ...
http://tinyurl.com/2w8qqo

Frank - seek help immediately! Visit ...
http://www.binsa.org/

 

[NoStop]

I haven't got around to installing any AV on my Windows Vista machines,
the
machines are all locked down and only I can install things. Most
infections come about my a user executing the virus to start with.

Not true! Explain drive-by viruses if you would.

Cheers.

--
Remove Vista Activation Completely ...
http://tinyurl.com/2w8qqo

Frank - seek help immediately! Visit ...
http://www.binsa.org/

 

[john]

Indeed it does. Viruses and malware are easy to avoid if you are a
reasonably savvy user. If I had kids using my computer, I would most
likely adopt a different policy.

SteveT

reasonably savvy user?
that may have cut it back in the days when you had to intentionally open an
unknown attachment in an email from an unknown source to get infected.
these days all you have to do is receive the email, or visit a website, or
just be connected to the internet.
virus and spyware purveyors are much more clever these days, cleverer then
many "savvy" users.

even being connected without a -good- AV app runing is just asking for it.

 

[Michael Palumbo]

Not true! Explain drive-by viruses if you would.

Cheers.

--
Remove Vista Activation Completely ...
http://tinyurl.com/2w8qqo

Frank - seek help immediately! Visit ...
http://www.binsa.org/

ActiveX was the main culprit for drive-bys. It was previously able to
execute files and install software without user knowledge or permission.

This isn't the case anymore.

That nice little video shows Norton flagging a virus file (yes,
auto-downloaded to the cache and this shouldn't happen, I agree) but did it
execute? All I saw was an indication that access was denied to the file, no
indication that the file was run, just that it was found in the cache and it
was flagged and quarantined.

I'm sure he gets the exact same message if he were to download an infected
file manually, since that's what an AV program is supposed to do. The file
simply has to be created, moved or simply open the folder it's in and the AV
should warn you and if the setting to quarantine is on auto, move the file
to a safe place where it can't be mistakenly executed.

I'm also wondering, did he run auto-update after he installed Internet
Explorer 7? Yes, I agree, all updates should be rolled into the
installation but guess what? They aren't. After you install it you still
have to run auto-update to get it totally up to speed.

Microsoft said they "fixed" the "flaw" he's showing us, perhaps they
actually did, but if he didn't install the update, then the "flaw" will
naturally show up in his test.

I also find it interesting that there are no comments on the page, even
after almost 200 views (at time I viewed the video) so I'm assuming he's
deleting all arguments about his test.

I personally don't advocate running without antivirus software, but these
types of demonstrations simply add to the paranoia of people that don't
understand the way computers work these days.

Are there exploits? Of course, can you avoid them? Yes, you can, you have
to be smart. Run AV software, use a firewall, don't download files from
sites that look anything like the site he visited, keep your software and
your OS up to date, if you don't know where it came from, don't run it.
It's that simple.

In twenty five plus years of using, working on, with, and building computers
I've had one virus, and I infected the virtual machine deliberately just to
see how much damage it would do. (It was the "stoned" virus, a rather
benign little thing that simply slowed everything down)

Mic

 

[Andy C.(never #)]

Andy C.(never #) wrote:



Just out of interest, could you tell us the name of the virus and the name of the
antivirus program that flagged it ?
Thanks.
.

Nope. Don't want to get fired this close to retirement. Hope you
understand.

No more later,

Andy C.(never #)

 

[bomb#20]

Nope. Don't want to get fired this close to retirement. Hope you
understand.

No more later,

Andy C.(never #)

No. I'm afraid I don't understand.
How can naming a virus type or an antivirus program affect your employment?
What's wrong with telling us which antivirus program actually does something useful?
..

 

[Steve Thackery]

These days all you have to do is receive the email, or visit a website, or

just be connected to the internet.....

..even being connected without a -good- AV app runing is just asking for
it.

You keep making this assertion, but where is your proof?

I've got proof: my PC has been connected to the Internet continuously for
two years, during which time I've made extensive use of email and web
browsing (I work from home, and do my work on the unprotected PC), and it
has come to no harm whatsoever.

I repeat, have you actually tried it, like I have, or are you simply
repeating the assertions you've been brainwashed into believing?

SteveT

 

[Steve Thackery]

Here's an interesting little experiment. Yes, it's being run on XP, but it

does compare IE6, IE7 and Firefox 2 in terms of protecting against a
drive-by ...

Hmmm.... but that "drive by" attack relies on an unpatched bug in IE6. IE7
is unaffected, and IE6 was patched ages ago. Vista - which is what we're
talking about - comes with IE7.

What other drive-by attacks do you know of? Tell you what - I've got all my
data backed up on a NAS, so here's a challenge. Find me a website which you
think will infect my computer, and I will visit it with my unprotected but
fully patched Vista machine, and we'll see what happens. I give you my word
that I will post the results truthfully.

Remember, I shall be complying with my "rules" (posted in the top message),
of which number 3/ is relevant here: I won't deliberately or knowingly
download a program file unless its from a reputable site. All other
security settings are at the Vista default, except I've set my account to an
administrator, and made it so UAC prompts don't need my password.

There's the challenge. Go for it.

SteveT